Rosen, Valenti Warn Colleges About P2P

fini writes "The RIAA and MPAA just sent a letter to 2,300 colleges or so, asking to crack down on P2P. Juicy nugget: 'Not only is piracy of copyrighted works illegal, it can take up a significant percentage of a university's costly bandwidth.' Also mentioned, some quasi-FUD on security issues. Six higher-ed honchos also sent a concurring letter. From the RIAA website, here's the story and the letters (PDF only). Mentioned as examples of model policies: Drake University, UNC Chapel Hill and University of Michigan . Interestingly enough, there is no threatening 'or else' stuff in those letters. Not yet..."

2300 letters

Is this considered spam?

New info for Colleges...

[theBraindonor]

Doesn't _every_ college that provides high-speed internet to students already know this!?

Sounds more like they are sending letters to colleges as a message to somebody else. Not the administrations, not the students, that's for sure.

Where are our refunds???

[coupland]

Though she's as bad as the rest, Courtney Love had it right when she asked how much she, as an artist, would be getting in refunds due to RIAA awards against MP3.com and similar services. If her balance hasn't been positive due to these offensive attacks then we can only assume this is only about fat, bald bureaucrats at the RIAA. I'd love to proven wrong but...

No doubt charged to the artists

[thumbtack]

The cost of which will no doubt, be charged as "operating expenses" to the webcasting royalties they are collecting, before the artists get a dime. The only thing the RIAA and their members are adept at is spending the artists money to guarantee that they never recoup.

P2P is the next killer app.

[Henry+V+.009]

Before everyone goes off on P2P:

Right now there is a major server-side bandwidth shortage. It's expensive to run a major web site. There is a client-side bandwidth glut. It's cheap to browse the internet.

The server-side bandwidth cost means is very hard to host significant content for low cost, especially if you start to get popular. This hurts web content for everyone.

The solution? P2P-type networks. Move that client-side bandwidth over to the server side. Why should someone download a web page or file from a single server when they could download it from the last ten people who viewed that same page or file? Sending every web page you visit on to another person (or 5 people) does not incur a significant rise in the cost of you connection. Sending a web page to a million people a month from one server does.

And when P2P starts to open up the web for everyone, there are going to be a lot of people who are going to be pretty sorry that they were so narrow-minded that they made it easy for colleges, cable companies, and phone companies to restrict bandwidth for P2P networks just to save a few dollars.

Re:P2P is the next killer app.

[kenthorvath]

Because as we all know, single server sytems are already somewhat insecure. Can you imaging the havoc that will be unleashed if you give 100,000 users the ability to serve out, say, slashdot's or cnn's web pages? This would certainly put a damper on any "trustworthy computing" that you may have hoped to have.

Re:P2P is the next killer app.

[ComputerSlicer23]

Yeah, there's a little company named Akaima, and a dinky opensource product named squid that beat P2P to the punch a long time ago. Akaima can solve the problem from the server end, and squid can solve it from the client end. P2P doesn't have to optimize web page delivery, it's a solved problem. Maybe not widely deployed, but anybody can solve it pretty trivially.

Okay, now P2P to solve multi-cast routing of streaming live content like movies and audio broadcasts so if 50 people on a single ISP are watching a football game broadcast over the internet live efficiently that's cool. Web pages are trivial. ISP's, businesses, colleges, have all solved this problem for the end consumer. Shit, you can't go to www.yahoo.com anymore without hitting an Akaima server. All cable modem providers in my area use transparent squid proxies to speed up web browsing.

If P2P's big goal is to solve a trivial problem solved by the HTTP 1.1 spec, in conjunction with a couple of Open Source products, plus a couple of large business, I'd say P2P is about 3 years behind the times....

That said, P2P has some cool applications and will solve some cool problems, I don't think Web pages is one of them.

Kirby

Re:P2P is the next killer app.

[ComputerSlicer23]

Akaima has caching servers in on every backbone provider. You should never ever, cross the backbone when getting data from a site that has an agreement with Akaima. This is done, because Akaima will run their DNS server, and will serve you a different IP address for a web site to direct you to a akaima server site very close to you, thus keeping you near the "cheap" client bandwidth you talked about on your original post. The net effect of that, a whole slew of people who only move upstream 3-5 steps, instead of all the across the internet. Saving an incredible about inter-backbone bandwidth. You pay them Akaima some money, and they deal with the bandwidth issues. Oh, and a user never hit your site. So you need a nice dinky connection to feed Akaima your data when you change it. They have economy of scale, and are very proficient at the problem. Most bandwidth that doesn't leave a backbone provider is cheap. They have lots of internal bandwidth as a rule. The end user gets the content much, much faster, and the traffic on the internet is smaller. Oh, and your content only has to be sent to Akaima when you change it, and your done. So you've got a pretty good chance of fixing up the problem.

Akamai doesn't do anything about bandwidth. It just stores information in its network closer to the end user.

So after reading this closely, how do you propose to save bandwith other then getting the content closer to the user? Getting the content closer to the user is the holy grail of P2P isn't it?

Squid solves the problem either by setting the brower up to use it as a proxy, or by setting up the a router to your upstream provider to transparently re-direct traffic to port 80 to a local squid server. So if anyone on your downside link attempts to hit the same page twice, you'll have no traffic leaves the network. Now your upstream ISP does the same thing. Now the upstream provider to them can do the same thing. The upstream provider from them can do the same thing, all the way to the backbone providers. So essentially, you pass thru various levels of proxying servers to get the content you want. Ummm, this sounds like a lot of Web Servers clusters passing around pages from other servers near them so you don't have to go to directly to the site. Which I'll bet money is paraphrasing your ideal P2P setup for web page delivery. Deployment of squid servers located on every Tier 1,2, and 3 bandwidth providers would look precisely like your P2P solution unless I miss my guess. This would mean when you asked for content, you'd only go upstream to the place it has been close to previously.

It's identical the caching layers in a CPU. First you look in the L1 cache, then you look in the L2 cache, then you go L3 cache. Now you look in RAM, if it isn't there you look on disk. If you've got HSM (heirarchical storage management), you look on tape.

How does this make a site cheaper... Well Akaima is cheaper then enough bandwidth to serve the pages yourself (if your big enough). It's cheaper, because you don't need nearly the bandwith, and Akaima already is huge, thus having economy of scale so they turn a profit on it, while saving you money.

Assuming everyone runs a Squid Cache at the various levels as described above, you'll only get 1 hit per page on your website ever until the cached copy expires on your backbone providers Squid Cache. You have the 11 backbone providers talk directly to each others squid caches. When provider A wants a page from provider B it asks the squid cache of provider B, the squid cache goes to your site gets the page and caches it. From now one, anyone who wants your page will get it from the backbone provider who routes you onto the internet at large. Stop and think about it, you could be getting viewed by ever slashdotter in the world, and see a single hit.

As long as the core caches have enough disk, so you don't get flushed out, you only need enough bandwith to do just that. That's it. You only need enough bandwidth to ensure that your pages can get to the core squid cache quickly enough for the first view not to die of bordom, and that's it.

Of course you run a pretty dull site, beings that you only have a static site. It doesn't work for dynamic content that depends on user level information, but then again neither would P2P.

Actually, I'm not enough of a squid expert to say that for certain. You might get 11 hits per page, one for each backbone provider now that I think about it. Still not an overwhelming amount of traffic.

Now it's time to talk reality... The backbone providers don't want to do that.... It'll save you money, and cost them money because you pay them. However, there is nothing to stop a group of people running clusters of Squid caching servers to do this for themselves. So it's doubtful it'll ever get deployed. It however is a solved problem.

As an aside, bandwidth is expensive because it's expensive. Running a website will *ALWAYS* be expensive. The core providers will always charge a premium price for it because they are providing a rare service you can't get from very many people. They charge a premium price because you'll pay it,and nobody will offer it to you for less. It's that simple... Build all the tools you want, and running a site will still cost the same amount.

Kirby

Re:P2P is the next killer app.

[ComputerSlicer23]

But here is what I meant by glut. Most people's connections (with exceptions), broadband or dial-up, are silent most of the time. They don't pay any more whether they use that bandwidth or not.

Ummm, just out of curiousity, do you have any idea WHY client side bandwidth is cheap, and why server side isn't? If your basing the premise of your P2P services off this idea you'll completely violate all of the economics of bandwidth reselling. If you are saying you want to use spare dialup bandwith, and spare cable modem bandwidth to serve pages you've downloaded to other users, you'll drive the prices of consumer bandwidth to the price of server bandwidth. Why do you think so many bandwidth providers complain about P2P applications.

ISP's oversell capacity. Last I heard it was something like 5-10 to 1 on high quality ISP's. They over sell capacity by a lot. This over selling is why they can sell it to you cheap, because your only paying for 1/5 to 1/10th of the cost of the bandwidth. That's why getting a cable modem is cheap, and getting a server hooked up at 1/10th the speed is more expensive.

So I'll say it this way... If you're trying to use spare bandwidth from users to serve pages to other users, especially if they are off your local ISP, you will ruin the good thing we have going. We get bandwidth cheaper then we should as a consumer precisely because the content providers pay so much, because an average end user doesn't use that much bandwidth. If you break that up, you realize you'll get to pay server prices for your bandwidth right?

If your structuring your P2P that way, it'll be a killer app. It'll kill the pricing scheme of consumer bandwidth.

Kirby

my college

[jon787]

Our tech person actually said that don't care what we do as long as they don't get any letters about us from the RIAA/MPAA attack dogs. So I got the file sharing type stuff running but it is restricted to the college's domain.

Re:my college

[the+gnat]

I was told something similar a few years ago when I was one of the student support staff at my alma mater (a larger private university). The IT director said the administration got letters from the RIAA all the time reporting student computers distributing copyrighted files, and asking for the student names and contact info. The university's response was to contact the student personally, make it very clear that they were not to do this or else they'd lose their network connection, verify that they'd removed copyrighted material from public view, and then reply to the RIAA that any problem that might have existed was resolved. No admission of wrongdoing, no personal information- they handle it internally and tell the RIAA to bug off.

This is by far the most sensible policy. The net admins have better things to do than monitor the network all the time, and the administration has no desire to turn over its students to entertainment lawyers. All they care about is keeping a well-ordered network, where students don't clog the T3 and don't get lawyergrams sent to the President's office. Students have in fact been thrown off the residential network for violations, but I don't think anyone's been in trouble with outside authorities.

I'm a student at UNC

[SexyKellyOsbourne]

I tried submitting a story similar to this to /., but I kid you not -- we in the local LUG were threatened with ARREST for protesting when Hillary Rosen personally came to speak to praise us for our policies.

No one was for it after we were told that by one of the CS teachers, and the protest was dissolved.

It was just like when Bush went to Ohio State , except it was for a rich corporate billionaire, not just post 9/11 presidential security!

Opposite

[Bobulusman]

I'm at Cornell University right now, and interestingly enough, the administration has seemed to be doing the exact opposite, relaxing their guidelines.

The first week, we had take an online class where we learned that if we got caught sharing, we would have community service and stuff.

Then last week, they basically send an e-mail saying that they didn't care if we downloaded stuff, as long as we didn't upload stuff. I'm too lazy to go and check the e-mail, but I believe it gave directions on how to turn off uploads in KaZaA. Weird.

"Juicy nugget"?

[tunah]

Juicy nugget: 'Not only is piracy of copyrighted works illegal, it can take up a significant percentage of a university's costly bandwidth.'

Juicy? It *can* take up a significant percentage of bandwidth. Bandwidth *is* costly. The copying of copyrighted works, according to current concensus, *is* illegal. Even if you don't agree with the illegality of it, how is the fact that the RIAA believes copying is illegal surprising or revealing?

Re:Perfect People To Tell...

[dvdeug]

College is where people are taught to turn off their minds and subscribe to politically-correct orthodoxy

Outside of college, I haven't found a whole lot of people who think, or really know the details of any orthodoxy. For the first time in my scholastic career, I had a history class that went beyond "We had a revolutionary war in 1776. We had a civil war in 1860. Abraham Lincoln was president. The good guys won both wars." and actually asked you to think about stuff. I've talked to people both on the far right and the far left and everywhere in between. Most people at high school didn't care enough to be right or left, beyond the "Republicans good; Democrats bad!" level. Yes, I've heard stories of political correctness being forced on people at universities, but it's not at every one, and even at those universities, you'll find an amazing diversity of opinion if you actually talk to the students and teachers.

Phynd

[Gadgetfreak]

www.phynd.net is a great solution to P2P. I'm sure the RIAA and MPAA will hate it just as much as P2P, but both colleges and college students love it. Here at UConn, someone has kindly donated the use of their Linux box to run Phynd, which scours the network and catalogs all types of shared files (not just mp3/ogg or movies). In a college with thousands of on campus residents, this saves hunge amounts of internet bandwidth [money] by keeping file sharing traffic entirely on campus. The students are happy because there are almost never any dead links, and files transfer at full speed.
Before this was implemented, P2P programs tied up HUGE amounts of bandwitdth. UConn was forced to administer a bandwidth quota per student, but fortunately that's only for off campus traffic, not local traffic.
But the best thing about it is that the students solved the problem all by themselves. And UConn loves it because it's saving them vast amounts of money.

My Alma Mater told RIAA to shove it

[EmagGeek]

The RIAA tried this crap a few years ago. Most of the Universities they contacted politely told them that it's not their job to enforce Federal law, and that they had no intent to try to put the technology in place that would prevent P2P networking. I know my Alma Mater was one of them, so I'm very interested if they will change their mind this time, keeping with their rapid and steady descent from a top notch university to just another sea of politcal correctness without any hint of quality education. After all, they'll be too busy playing Internet Cop to bother teaching anybody anything.

Deep down, the RIAA knows that it has absolutely no hope of forcing this upon universities, which is why these letters are absent any cease and desist language. They're just going to run it up the flagpole and see who looks.

The final word should be here that it is the job of the Executive Branch of the Federal Government to enforce Federal law. No other entity, whether state or local, has the jurisdiction nor obligation to enforce the CFR. If distributing copyrighted material is a federal crime, then it's the justice deparment, and no one else, who has the power to indict. Civilly, I find it hard to believe that the RIAA would be able to prove that distributing a song cost them any money. What downloader is going to take the stand and testify that he/she would have bought the CD had they not been able to download it? I sure wouldn't. In fact, I would testify that the ability to "try before you buy" has led to my purchasing several CDs that I normally would not have even known about, let alone bought.

Every single Borders bookstore allows you to listen to a CD, in CD quality, and in its entirety, without any inhibitions, before you buy it. Does that not constitute illegal distribution, i.e. allowing someone to listed to copyrighted music without paying? Why isn't Borders being served? How is this different than P2P, save the portability of the music?

Think about why the RIAA did this...

[scubacuda]

Seriously, think about why the RIAA is targeting colleges.

Colleges shape the way generations think. If they simply sit back and allow millions of students get accostomed to d/ling MP3s, then they have an uphill battle to fight later. They are scared to death of a new generation thinking there is nothing wrong with this.

Most of us here on the boards fit in the 20 to 50 year old category. We at least remember what it was like to have to *buy* a cd! Think about the impact of those below us who will grow up in a culture where, if you want an album, you download it and burn it yourself.

From the RIAA's point of view, it's easier to send a watered down "cease and desist" letter rather than rethinking ways to relate to this new demographic.

Re:not yet

[aronc]

There's plenty of public domain stuff out there. Last time I used a P2P app it was to collect some Christmas music for a party my wife threw. None of it was copyrighted to my knowledge.

While I completely agree that p2p piracy (last time I used it was to get some music by a friend who distributes that way) it is, alas, more than likely that those songs were indeed under copyright. The musicial composition itself is most probably public domain but the particular recordings might not have been. Remember, if it was recorded after the early 20s it is still under copyright unless it either lapsed through neglect or was intentionally placed into the public domain by the author/artist.

Early Electrical Grids

[shoemakc]

The whole situation reminds me of when electrical grids were just being set up, however metering was not widespread and the available meters crude.

Eventually when the technology improves, the system will have to move to a "pay what you weigh" billing scheme just like all of our other utilities.

I mean, let's face it. Internet access is becoming a utility, just like electricity, water gas, etc. Why then should it not be billed by the gallon, kW or whatever just like any other utility?

I know it sounds aweful to the all-you-can-eat salad bar culture, but it's probably inevitable.

-Chris

My experience with suspected "copyright violation"

[crimsun]

I worked for a couple networking depts on campus during my undergraduate "career" at UNC, among which was ResNet. I've learned a _ton_ during my years at UNC, and I continue to learn at work and in external studying. I worked with some truly great people in ATN and computer science, namely my bosses in ResNet and the security folks.

Early in my college stint, one of my Red Hat machines was hacked literally minutes after I ifup'ed eth0. Needless to say, I took an immense amount of heat because that computer was subsequently used as a waypoint to launch a DoS. What a turning point. Those who've interacted with me since have known me to be extremely critical of standard security procedures at universities; I've been very outspoken in pushing the use of strict ssh2, strong passwords, forced password expiration, keeping current with application and service updates, reading and generally being security-conscious, and other what I consider security essentials from an administrator's viewpoint. I say this because most students don't care about the difference between ssh2 and telnet; they just want to check their email and download mp3s.

Which brings me to my second point. During my junior year, I was part of one of the first large OpenNap networks. Although the particular server I operated had the enable_share parameter disabled, the nature of the network setup allowed information transfer over the entire network and thus anyone--even on a host with sharing disabled, like mine--could retrieve search results for a song search. The RIAA wasn't too happy (I don't doubt this was discovered through napigator), and in the end I had to sign a number of documents promising I would never infringe copyrights again, use excessive network resources, etc. This is despite the fact that I was operating a completely legal OpenNap server--my boss at ResNet affirmed that I wasn't sharing.

What this goes to show is that universities with _competent_ security and copyright-aware folks will throw up a safety net for you _if you're doing the right thing_. The EULA for ResNet at UNC and various links already cited in the posting above make explicit the methodology of dealing with suspected copyright violation. While I wasn't happy at the time, I have to acknowledge that UNC gave me a lot of support for which I'm grateful. The basic point is "don't do any stupid, and you won't regret it." If however, the RIAA decides to chase you down as they did me, as long as you're within your proper use, you should be ok.

I've heard separate stories about mistreatments on separate protests, but those are unfortunately not things for which I can vouch.

Some colleges like it

[tuxlove]

A friend of mine is a professor at Lewis and Clark college in Portland, OR, and he tells me that they purposefully do not block P2P of any kind. They consider this sort of a student recruitment tool. It does tend to clog their network on Friday and Saturday evenings when students are busy downloading MP3s and pr0n, but their response to the issue is to add more bandwidth to the Internet.

As far as they're concerned, it's one of the costs of doing business as a college these days.

I agree on bandwidth

[chazzf]

I work tech support for a small midwestern liberal arts college. We've got a 6 megabit outgoing. We had the subnets for KaZaa, WinMX, etc blocked. The first week of classes the connection was great. Then word got out that Morpheus was still working. Within a day the outgoing had slowed to a crawl. I like p2p as much as the next Slashbot but darn it, the network can't take that kind of abuse. We continue to allow LAN file sharing and AIM file transfers because they don't suck bandwidth, but the major p2p apps are just too wasteful...

~Chazzf

ppft ... -spray-

[cascadingstylesheet]

Outside of college, I haven't found a whole lot of people who think, or really know the details of any orthodoxy.

Um, I live in a college town. I burst out with a guffaw every time I hear someone make a connection between being a college student, and thinking or being intelligent. I can't help it.

Just make sure I don't have a mouthful of soda if you're going to say something like that :)